Le seul point \u00e0 prendre en compte est que le certificat est valide pour une dur\u00e9e de 3 mois, il sera donc n\u00e9cessaire de le renouveler r\u00e9guli\u00e8rement.<\/p>\n
L’installation et la g\u00e9n\u00e9ration des certificats sont tr\u00e8s rapide et pratique , nous allons voir comment proc\u00e9der pour installer ces certificats sur notre serveur d\u00e9di\u00e9 avec Ubuntu 14.04<\/p>\n
(Un acc\u00e8s root ou sudo est n\u00e9cessaire )<\/p>\n
#Telechargement du robot de certification\r\nwget https:\/\/dl.eff.org\/certbot-auto\r\n#Mise \u00e0 jour des droits\r\nchmod a+x certbot-auto\r\n<\/pre>\nPour un serveur avec apache2<\/strong><\/p>\n#Execution avec la configuration apache\r\n$ sudo .\/certbot-auto --apache\r\n<\/pre>\nVous pouvez ensuite choisir les domaines pour lesquels vous souhaitez un certicat https<\/p>\n
![\"Certbot](\"https:\/\/www.h-hennes.fr\/blog\/wp-content\/uploads\/2016\/10\/certbot.jpg\")
<\/p>\n
Il faut ensuite choisir si vous souhaitez que https soit obligatoire ou optionnel ( laisser en optionnel par d\u00e9faut )<\/p>\n
![\"Certbot](\"https:\/\/www.h-hennes.fr\/blog\/wp-content\/uploads\/2016\/10\/certbot2.jpg\")
\nLes certificats sont ensuite g\u00e9n\u00e9r\u00e9s, il vous suffit de recharger la configuration d’apache et tout fonctionne \ud83d\ude09<\/p>\n
sudo service apache2 reload<\/pre>\nPour renouveler votre certificat vous pouvez par exemple mettre une tache cron tous les lundi comme ceci<\/p>\n
0 10 * * 1 .\/path\/to\/certbot-auto renew --quiet --no-self-upgrade<\/pre>\nPour un serveur avec nginx :<\/strong><\/p>\nPour nginx , c’est un peu plus \u00ab\u00a0compliqu\u00e9\u00a0\u00bb car il n’existe pas d’installation automatique.
\nMais \u00e7a reste tout de m\u00eame tr\u00e8s accessible.<\/p>\n
Pour commencer il faut g\u00e9n\u00e9rer les certifications<\/p>\n
$ sudo .\/certbot-auto certonly --webroot -w \/var\/www\/example -d example.com -d www.example.com \r\n<\/pre>\nL’option -w correspond \u00e0 l’emplacement du site sur le serveur
\nL’option -d correspond aux noms de domaines qui y sont associ\u00e9s ( 1 ou plusieurs )<\/p>\n
Les certificats sont ensuite g\u00e9n\u00e9r\u00e9s dans l’emplacement \/etc\/letsencrypt\/live\/example.com\/<\/p>\n
Il vous suffit ensuite de les rajouter dans la configuration nginx ( et de rajouter l’ecoute sur le port 443 )<\/p>\n
server {\r\n listen 80;\r\n listen 443 ssl;\r\n\r\n ssl_certificate \/etc\/letsencrypt\/live\/example.com\/fullchain.pem;\r\n ssl_certificate_key \/etc\/letsencrypt\/live\/example.com\/privkey.pem;\r\n\r\n root \/var\/www\/example;\r\n\r\n #Your configuration\r\n ...\r\n}\r\n<\/pre>\nPour finir reloader la configuration nginx :<\/p>\n
sudo service nginx reload<\/pre>\nVos sites seront ensuite accessibles via le protocole https \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"
Si il \u00e9tait conseill\u00e9 auparavant l’utilisation du protocole https est maintenant une n\u00e9cessit\u00e9. Ce param\u00e8tre est m\u00eame pris en compte par google pour l’indexation de votre site. Pour ceux qui font tourner une boutique de taille raisonnable et qui ne souhaitent pas de garantie \u00e9tendue ( ou qui n’ont tout simplement pas le budget ), […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[254],"tags":[447,467,418,468,444],"class_list":["post-1441","post","type-post","status-publish","format-standard","hentry","category-serveurs-dedies","tag-apache2","tag-certificat","tag-https","tag-letsencrypt","tag-nginx"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts\/1441","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/comments?post=1441"}],"version-history":[{"count":3,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts\/1441\/revisions"}],"predecessor-version":[{"id":1446,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts\/1441\/revisions\/1446"}],"wp:attachment":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/media?parent=1441"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/categories?post=1441"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/tags?post=1441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}